This post is intended for businesses and other organizations interested... Read more →
Posted by Richy George on 13 June, 2016This post was originally published on this site
A new OS often retires features that were in its predecessor. If you’re still holding onto Windows 7 because a feature you’re fond of doesn’t appear in Windows 10, chances are there are alternative programs you can install to replace it. Here are five of them, and they’re all free.
Posted by Richy George on 10 June, 2016This post was originally published on this site
Windows 10 gives you 31 days to go back to your prior Windows version. Whether you’ve changed your mind or you were forced into the upgrade, here’s how to get your old life back.
Posted by Richy George on 9 June, 2016This post was originally published on this site
Yesterday Microsoft released the latest Windows 10 beta, build 14361, 10.0.14361.0.rs1_release.160603-1700. The About Windows box (type “winver” in Cortana) says we’re up to Version 1607 (OS Build 14361.0), thus confirming that Microsoft expects to ship the final version next month — which should come as a surprise only to a few goatherds in the Gobi Desert.
I had a chance to play with this build overnight, and it’s solid as a rock in general — but there are still a few disquieting surprises.
You can read about the highlights in Win10 Insider laureate Dona Sarkar’s official blog post. In addition to a long list of bug fixes, Sarkar tells us about improvements to Docker technology in Hyper-V Containers; improvements in Windows Ink, including a longer ruler and a new button that erases everything (primarily of import to those of you with Surface Books and Surface Pros); and a whole lot of cosmetic changes (if you get excited about highlighting in the Settings applet, knock yourself out).
The point that interested me most in her rundown was this:
LastPass extension for Microsoft Edge: We are excited to announce that LastPass, a popular free password management extension, is now available for download. Visit our extensions page at the Microsoft Edge Dev website to learn more and try it out for yourself!
Several hours after that blog was published, it was updated to add this sentence:
Be sure to check out the list of known issues for the LastPass extension here.
I’ve been anxious to get LastPass working with Edge — the last beta build was a disaster, for me — so I pushed ahead with this new version. I found the new LastPass, version 126.96.36.199, to be full-featured, including all of the nooks and crannies that LastPassers love. I was disappointed, though, to see that running an import/export required the use of a “binary version” (whatever that is) which didn’t work.
Looking at the Developer site changelog, LastPass also has these problems:
- Copying with keyboard shortcuts does not work in the LastPass extension popup
- Creating a new profile from the LastPass popup may crash the browser
- LastPass Vault fails to load when there are no items in the vault
- LastPass icons overlap the default placeholder glyphs for credential textboxes
Tellingly, the LastPass blog on the release says:
We’re still working hard on the extension, with more great improvements to come as the Microsoft team also makes enhancements to Microsoft Edge browser.
You may read that differently, but it sounds to me like Edge is having protracted problems getting extensions to work.
I also had intermittent problems with LastPass — at times it was very slow, at other times it refused to recognize certain sites unless I waited for many minutes. I’d be willing to bet that the LastPass extension is one of the major roadblocks standing in the way of getting the Anniversary update out in time for the, er, Anniversary.
One of the AskWoody.com contributors, PK Cano, experienced repeated crashes in the Settings app when working with Privacy applet. Although it doesn’t solve the problem, that’s a known issue, documented in Sarkar’s blog post:
Navigating to the Privacy pages in Settings app will crash the Settings app and prevent you from adjusting your privacy settings. Your privacy settings already set will remain intact after updating to this build.
There are also documented problems with the French language version (which doesn’t install at all) and an Edge file downloading glitch that occurs when you click a download link.
Looking around the build, I found that there’s still no clean way to turn off Cortana. In build 10586 you can turn off Cortana by going into the Notebook, Settings applet and then simply turning Cortana off. There’s no analogous setting in build 14631, and it’s not clear if the “Stop getting to know me” switch in the Windows Settings Privacy applet really does turn off Cortana.
There have also been numerous complaints that the 12 hours being given to block a reboot isn’t sufficient. (Click Start > Settings > Update & security > Windows Update, on the right click the link to Change active hours.) In earlier Win10 beta builds, you could set aside a block of 10 hours where Win10 would never reboot your system. With version 14631, that blackout period has been extended to 12 hours (I haven’t had a chance to test it yet). But some people figure 12 hours isn’t long enough. No idea why Microsoft doesn’t simply extend the blackout period to 18 hours or more.
I’ve also seen multiple reports that the new Microsoft Authenticator app — the one that will ultimately let you unlock your Win10 PC from a Windows 10 phone, running over Bluetooth — crashes frequently. If you were planning to buy a Windows phone to run Authenticator, better to keep that money in your pocket.
As usual there’s an excellent, comprehensive, staccato list of changes at changewindows.org.
Posted by Richy George on 8 June, 2016This post was originally published on this site
Tablets were the big thing a few years ago, purportedly soon to displace PCs. It didn’t happen, and tablet sales have been dropping for several years. Except for one kind of tablet: the kind with a detachable keyboard, epitomized by Microsoft’s Surface Pro. They’re the rising star, both for IT organizations and for computer makers.
Recent IDC data shows that more companies have deployed these devices — let’s call them “tabtops,” since “laplets” sounds like the return of the netbook and “detachable tablets” doesn’t quite ring true — than have deployed slate-style tablets like the iPad. In fact, per IDC, nearly as many companies have deployed these “tabtops” as have deployed regular laptops or touchscreen laptops. (To be clear, IDC’s survey isn’t about the number of actual devices deployed, but about the types of devices that businesses deploy. The actual number of individual tabtops deployed is tiny compared to the number of traditional laptops or even iPads.)
The Surface Pro has matured into a capable and attractive product, and you need look no further for proof than Apple’s iPad Pro, a clear response to the Surface Pro.
Google is now in the act, too, with its Pixel-C Android tabtop. Plus, Google plans to bring Android apps to its Chrome devices this fall — by which time Android N will support multiple application windows, as iOS 9 and Windows 10 already do. Chrome devices are already available with detachable keyboards and touchscreens, so the infusion of multiwindow Android to both Android tabtops and Chrome tabtops will complete Google’s journey to where Microsoft first ventured and Apple followed.
But what’s the point of these devices? iPads and Android tablets have long supported Bluetooth keyboards and keyboard covers, which function very much like the detachable keyboard that largely defines a tabtop. (Never mind that both Microsoft and Apple make you pay extra for the detachable keyboard they presume you will use with their tabtops.) And why not simply use a MacBook Air or lightweight PC laptop if a keyboard is so essential?
Posted by Richy George on 7 June, 2016This post was originally published on this site
Attackers are abusing the Windows Background Intelligent Transfer Service (BITS) to re-infect computers with malware after they’ve been already cleaned by antivirus products.
The technique was observed in the wild last month by researchers from SecureWorks while responding to a malware incident for a customer. The antivirus software installed on a compromised computer detected and removed a malware program, but the computer was still showing signs of malicious activity at the network level.
Upon further investigation, the researchers found two rogue jobs registered in BITS, a Windows service that’s used by the OS and other apps to download updates or transfer files. The two malicious jobs periodically downloaded and attempted to reinstall the deleted malware.
Even though it’s not very common, attackers have abused BITS to download malware since as far back as 2007. An advantage of using this approach is that BITS is a trusted service and is not blocked by the computer’s firewall.
However, the new Trojan program discovered by SecureWorks — part of the DNSChanger malware family — also abuses a little-known BITS feature to execute the downloaded file. This removes the need for malware to already exist on the system.
After completing the transfer, the rogue job executes a command as a BITS “notification” action. The command creates and launches a batch script called x.bat, which completes the BITS job, checks if the file has been saved and loads it in the computer’s memory as a DLL.
Through this technique, the attackers created “self-contained, download-and-execute BITS tasks that persisted even after the original malware was eliminated,” the SecureWorks researchers said Monday in a blog post.
Another problem is that while the Windows event log showed information about the previous BITS malicious transfers, the logged information about the pending tasks was limited. The researchers had to use other tools to parse the BITS jobs database to see the full details.
BITS jobs expire after 90 days but can potentially be renewed. In the case investigated by SecureWorks, the computer had been infected on March 4 and was cleaned by antivirus software 10 days later. The BITS job remained until it was discovered in May.
Companies should consider enumerating active BITS tasks on computers that continue to generate network or host security alerts after malware remediation, the researchers said. One way to do this is to execute the bitsadmin client from a cmd.exe session with elevated privileges by typing: bitsadmin /list /allusers /verbose.
Posted by Richy George on 6 June, 2016This post was originally published on this site
It’s bad news for businesses. Hackers have launched large-scale attacks that are capable of bypassing the security protections added by Microsoft’s Enhanced Mitigation Experience Toolkit (EMET), a tool whose goal is to stop software exploits.
Security researchers from FireEye have observed Silverlight and Flash Player exploits designed to evade EMET mitigations such as Data Execution Prevention (DEP), Export Address Table Access Filtering (EAF) and Export Address Table Access Filtering Plus (EAF+). The exploits have been recently added to the Angler exploit kit.
Angler is one of the most widely used attack tools used by cybercriminals to launch Web-based, “drive-by” download attacks. It is capable of installing malware by exploiting vulnerabilities in users’ browsers or browser plug-ins when they visit compromised websites or view maliciously crafted ads.
“The ability of Angler EK to evade EMET mitigations and successfully exploit Flash and Silverlight is fairly sophisticated in our opinion,” the FireEye researchers said Monday in a blog post.
First released in 2009, EMET can enforce modern exploit mitigation mechanisms for third-party applications — especially legacy ones — that were built without them. This makes it much harder for attackers to exploit vulnerabilities in those programs in order to compromise computers.
While EMET is often recommended as a defense layer for zero-day exploits — exploits for previously unknown vulnerabilities — it also gives companies some leeway when it comes to how fast they patch known flaws.
In corporate environments, the deployment of patching does not happen automatically. Patches for the OS or stand-alone programs need to be prioritized, tested and only then pushed to computers, a process that can substantially delay their installation.
With widespread exploits now able to evade EMET mitigations, the tool should no longer be relied on to protect old versions of applications like Flash Player, Adobe Reader, Silverlight or Java until a company can update them.
Unfortunately, organizations are sometimes forced to keep old versions of browser plug-ins and other applications installed on endpoint computers in order to maintain compatibility with custom-made internal Web applications that haven’t been rewritten in years.
“Applications such as Adobe Flash, web browsers, and Oracle Java should be patched routinely, prioritizing critical patches, or removed if possible,” the FireEye researchers said. “Because the web browser plays an important role in the infection process, disabling browser plugins for Flash or Silverlight may also reduce the browser attack surface.”
Posted by Richy George on 6 June, 2016This post was originally published on this site
A petition launched Friday asks the Electronic Frontier Foundation (EFF) to investigate Microsoft’s aggressive moves to convince and cajole users into upgrading to Windows 10.
The request was launched on Change.org, a popular online petition website, and by early Monday had garnered more than 470 signatures.
“Microsoft’s practices with their newest operating system, named Windows 10, has been ignorantly unethical at best and malicious at worst,” wrote the petition organizer, Todd Kleinpaste, who listed media accounts of the company’s upgrade strategy. “Reports everywhere state that people are being tricked or forced into upgrading to Windows 10 from their current, preferred version of Windows.” [Emphasis in original.]
While Kleinpaste threw in a kitchen sink’s worth of complaints — not just about the upgrade process but also Windows 10’s telemetry settings and Windows Store policies — the bulk of those signing the petition focused on Microsoft’s attempts to get users to upgrade.
“It’s like someone changing your underwear while you sleep!” said wag Brian Tatman on Monday.
“Microsoft ‘encouragement’ to GWX went WAY too far,” added Alan Pugh. “A PC at our remote site got upgraded without my consent which broke the network connection, meaning that the computer is now useless to me.”
“The number of clients we’ve had to assist in recovering from surprise updates has only increased over the last 6 months, and while it certainly has provided a certain amount of job security, the cost to individual users across the world has got to be staggering,” added James Allerd today.
“Please sign this petition to draw the EFF’s attention and ask them to investigate Microsoft for unethical business practices,” wrote Kleinpaste, the petition’s organizer.
The EFF was not immediately available for comment.
Even before Windows 10’s release in July 2015, Microsoft had been taking unprecedented steps to boost the new operating system’s uptake, ranging from offering a free upgrade to planting the Get Windows 10 (GWX) app on millions of Windows 7 and 8.1 systems. The GWX app initially let customers “reserve” a copy of the upgrade, but has mutated since then to pre-load the necessary files on PCs, replace itself if deleted, and most recently, to schedule the upgrade itself.
That scheduling has been the latest Microsoft maneuver to raise customers’ hackles, notably because the notification assumes user approval when someone clicks the red “X” to close the frame. That interpretation runs counter to decades of practice and Microsoft’s own design guidelines.
Because the free upgrade offer will expire on July 29, many expect that Microsoft will stop dunning customers by disabling the GWX apps. The company, however, has declined to confirm that.
This story, “Petition condemns Windows 10 upgrade practices, asks EFF to investigate” was originally published by Computerworld.
Posted by Richy George on 3 June, 2016This post was originally published on this site
Jon, Mark and Gordon talk about backpack PCs for VR, AMD’s super-cheap GPU, and whether you might have to wait three years for that new iPhone.
Posted by Richy George on 2 June, 2016This post was originally published on this site
Take a break from Live Tiles! Launch programs or create shortcuts from this simple, minimalist view.
Posted by Richy George on 2 June, 2016This post was originally published on this site
Yesterday, Microsoft released a new Windows 10 build, KB 3163014. There’s no associated KB article.
The new build, which brings Windows 10 version 1511 up to build 10586.338, is only being distributed to the very small group of people in the so-called Windows 10 Insider Release Preview ring.
Microsoft quondam Windows spokesman Gabe Aul announced the Insider Release Preview ring back in February, but it was tacked on the end of a Windows Experience blog post that you might’ve missed — “Announcing Windows 10 Mobile Insider Preview Build 10586.107.” Later in the post, Aul explained that new Windows Insider Preview ring:
Will focus on Insiders that want to stay on the Current Branch (currently builds based off of 10586), but continue to receive early access to updates, application updates, and driver updates…. Best for Insiders who enjoy getting early access to updates for the Current Branch, Microsoft applications, and drivers, with minimal risk to their devices, and still want to provide feedback to make Windows devices great.
He goes on to link to a Feb. 10 Windows Insider Hub article. That articles goes into great depth about the Windows and Devices Group, Windows as a Service, the difference between feature upgrades and servicing updates, DB, CB, CBB, LTSB and other topics guaranteed to put you to sleep.
Here’s what they don’t say:
If you’re an admin for any Windows 10 PCs, or if you work for a company that builds any kind of software that could run on Windows 10, you need to get at least one of your Win10 test machines set up for the Insider Release Preview ring.
The reason’s simple: To a first approximation, Microsoft’s releasing Win10 cumulative updates a week or so early so you can test them before they go out to the unwashed masses. Microsoft billed the Insider Release Preview ring as a kinder, gentler alternative to the Insider Program beta Slow Ring. While that’s a fair description, more or less, it masks the real import of the Insider Release Preview ring: It’s a way for you (and admins and devs) to kick around cumulative updates before they go out the Automatic Update chute.
If that sounds vaguely familiar, take a look at my proposal for a “Patch Monday” published in InfoWorld three years ago.
So much for theory. Here’s how it worked last month. On or about April 27, Microsoft released a patch for the Windows Insider Preview ring that changed Windows 10 build 10586.218 (released April 12) to build 10586.240. If you missed it, I forgive you — news of the release got all mashed up with a Windows Mobile build that I, for one, mistook for a death rattle.
Those in the Insider Release Preview ring had a chance to kick the tires on the cumulative update for a couple of weeks before Microsoft released the “for real” Win10 Cumulative Update on May 10. The real cumulative update, though, wasn’t for build 10586.242, but it brought Win10 1511 machines up to build 10586.318. If you were kicking the tires with 10586.242, there were additional changes prior to the real mainstream release — but at least you had a chance to kick a few tires, rather than having the whole mess arrive unbidden.
I’ve seen no reports of problems updating from 10586.242 to 10586.318.
Right now, it appears unlikely that the next cumulative update will go to build 10586.338. There’s a new kid in town, 10.0.10586.416.th2_release_sec.160523-1816, that appears to be destined for the Windows 10 Automatic Update chute sometime later this week or early next week.
That’ll bring plain-vanilla Win10 machines up to 10586.416. Still, if you administer a group of Win10 computers, or you distribute software that’ll be run on Win10 computers, it’d be a very good idea to run 10586.338 through the wringer. Scream bloody murder in the Feedback app if you find a problem.
If you want to put a PC on the Insider Release Preview rings, it’s a two-step process. First you have to use a Windows account to join the Insider Program, which can take a day or two for approval. Once your account has been approved for the Insider Program, you need to log on to a Windows 10 PC with that account, then go to Start > Settings > Update & Security. Click the link to Advanced options. At the bottom, under Get Insider Preview builds, click Get Started, and go through the motions. After you reboot, you will be in the Slow Ring. Go through the sequence once again and move the slider to the left to get into Insider Release Preview ring. The latest Insider Preview ring build should be in Windows Update immediately.
Patch Monday is here. Use it.
Copyright 2015 - InnovatePC - All Rights Reserved
Site Design By Digital web avenue